The Data Security Council of India (DSCI) is planning to devise a data protection seal (DPS) to verify and check secure use of people’s data by platforms across the country.
The project, currently piloted with partner organisations, will help users know which organisations are using their data safely and following the basic standards of data privacy. This will be similar to the ISI mark that conforms to a product in accordance with the Bureau of Indian Standards.
“The data protection seal will provide some level of assurance about the application, website, or product, according to expectations of privacy, and whether it behaves responsibly,” said Vinayak Godse, chief executive officer, DSCI, in an interaction with Business Standard.
Such a process will allow companies to better comply with the Digital Personal Data Protection (DPDP) Act and also any other upcoming rules.
“Once we have checked the organisation or a platform about the processes they use to deal with data and how they use it, we will be creating this seal, which will make sure that people are able to see the information and implementation of data safety practices on the platform,” Godse said.
He added that the seal would be a commitment from DSCI that the app, product, platform was being checked by the organisation according to the expectations from a data safety point of view.
The DSCI is a not-for-profit set up by industry body Nasscom. It works in the areas of cyber security and privacy, and engages with governments, agencies, regulators, industry sectors, associations and think tanks for policy advocacy, thought leadership, capacity building and outreach activities.
More From This Section
The council has also started a data protection credential programme, known as DSCI-certified Data Protection Officer, which helps organisations in getting their DPOs trained as per the requirements under the Digital Personal Data Protection (DPDP) Act.
“A couple of batches under the programme are already being hosted in Delhi and Bengaluru. We will be training many more batches and creating DPOs, which will help organisations to be compliant with the DPDP Act,” said Godse.
The data protection seal and DPO credential program are a part of DSCI’s agenda for the upcoming International Data Privacy Day on January 28.
Vinayak identified the growth in the ransomware ecosystem, multi-factor authentication related attacks, and the use of artificial intelligence as the biggest cyber security challenges in 2024.
He also hinted at the possibility of state-crafted threat attacks impacting the commercial sector and end users, because of the increasing amounts of investments getting involved.
On rising instances of deepfakes, Godse suggested that looking at every piece of content might be a very difficult task. Instead, he suggested, the identities of internet users that are making such content go viral are the ones that need to be identified and curtailed.
Analysing the authenticity of content without revealing it to the platform is another challenge that needs to be taken into account while identifying deepfakes to avoid breach of user privacy, he added.
However, Godse also called for a privacy preserving analysis of deepfake content around sensitive issues such as sexually explicit media or content that could pose problems to public order in order to rid the menace of deepfakes and misinformation in the digital world.
· It would help users in knowing which apps and platforms are keeping their data safe
· It might help platforms to better comply with the DPDP Act and similar upcoming rules